- #FACEBOOK SESSION EXPIRED SEPTEMBER 2018 ANDROID#
- #FACEBOOK SESSION EXPIRED SEPTEMBER 2018 PASSWORD#
They also don't totally make it clear that Facebook did more than just reset tokens - if that were all that they did, all the attackers would have to do would be to start collecting tokens again. New comments cannot be posted and votes cannot be cast. None of Facebook's statements suggest that they're able to authenticate as you as the result of this particular exploit or vulnerability. Why the facebook still tell me session expired And what can i do to solve this problem. The same thing is true of anyone who might have wanted to exploit a token which let them spoof as you - they too would have to re-authenticate. The cuser cookie contains the user ID of the currently logged in user. That's why you suddenly were unable to access Facebook without re-logging in again. Any old token you had is no longer valid, not for you and not for an attacker either. But many Facebook users don't use 2-factor authentication.Īction has already been taken for you.
If your account had 2fa, it seems unlikely that an attacker could use this exploit to get into it. Is that incident normal or I should take security actions?
#FACEBOOK SESSION EXPIRED SEPTEMBER 2018 PASSWORD#
Tl dr: Facebook account suddenly got logged out of all devices, password was not changed, logged in entries are gone, no email warning about account being compromised, no two-factor authentication prompt showed up.Īre there any chances that someone was successfully able to get into my account? If yes, then how could they bypass the two-factor authentication?
However, I did not get any suspicious prompt on my phone to authenticate an unusual log in (Like "Did you just logged in near location xxxxx?"), also no warning email from my registered email telling me about my account being accessed on an unrecognized browser or computer. I was thinking of someone had tried (and succeeded?) to access my account, then logged out of all current sessions. The only entries I got were those log in on my phone and my laptop (also appeared to be my trusted devices). After I logged back in, I went to security under settings and checked the section "When you're logged in" and I saw that all of the past logged in entries are gone. Before, long time ago, when I created this account, I'd set up two-factor authentication for my account and when I checked after I did the log in, it was still active.Īfter that, I opened my laptop and Chrome then went to Facebook, just to find out that the session on PC was also logged out. I then tried logging in with my current password and was success to log in my account.
#FACEBOOK SESSION EXPIRED SEPTEMBER 2018 ANDROID#
A while ago, I was opening Facebook app on Android and then I got the message "Session expired.
0 kommentar(er)
